Industry leaders from technology, financial services, telecom, and cybersecurity sectors respond to Biden’s Executive Order, commit to a more secure future for software; open source luminary Brian Behlendorf becomes general manager

LOS ANGELES, Calif – KubeCon – October 13, 2021 –  The Linux Foundation, the nonprofit organization enabling mass innovation through open source, today announced it has raised $10 million in new investments to expand and support the Open Source Security Foundation (OpenSSF), a cross-industry collaboration that brings together multiple open source software initiatives under one umbrella to identify and fix cybersecurity vulnerabilities in open source software and develop improved tooling, training, research, best practices, and vulnerability disclosure practices. Open source luminary Brian Behlendorf will serve the OpenSSF community as General Manager. 

Financial commitments from Premier members include Amazon, Cisco, Dell Technologies, Ericsson, Facebook, Fidelity, GitHub, Google, IBM, Intel, JPMorgan Chase, Microsoft, Morgan Stanley, Oracle, Red Hat, Snyk, and VMware. Additional commitments come from General members Aiven, Anchore, Apiiro, AuriStor, Codethink, Cybertrust Japan, Deepfence, Devgistics, DTCC, GitLab, Goldman Sachs, JFrog, Nutanix, StackHawk, Tencent, TideLift, and Wind River.

“This pan-industry commitment is answering the call from the White House to raise the baseline for our collective cybersecurity wellbeing, as well as ‘paying it forward’ to open source communities to help them create secure software from which we all benefit,” said Jim Zemlin, executive director at the Linux Foundation. “We’re pleased to have Brian Behlendorf’s leadership and extensive expertise on building and sustaining large communities and technical projects applied to this work. With the tremendous growth and pervasiveness of open source software, building cybersecurity practices and programs that scale is our biggest task at hand.”

According to industry reports (“2021 State of the Software Supply Chain,” by Sonatype), software supply chain attacks have increased 650 percent and are having a severe impact on business operations. In the wake of increasing security breaches, ransomware attacks, and other cybercrimes tied to open source software, government leaders worldwide are calling for private and public collaboration. Because open source software makes up at least 70 percent of all software (“2020 Open Source Security and Risk Analysis Report” by Synopsys), the OpenSSF offers the natural, neutral, and pan-industry forum to accelerate the security of the software supply chain. 

“There has never been a more exciting time to work in the open source community, and software supply chain security has never needed more of our attention,” said Brian Behlendorf, general manager, Open Source Security Foundation. “There is no single silver bullet for securing software supply chains.  Research, training, best practices, tooling and collaboration require the collective power of thousands of critical minds across our community. Funding for OpenSSF gives us the forum and resources to do this work.”

The OpenSSF is home to a variety of open source software, open standards, and other open content work for improving security. Examples include:

For more information about OpenSSF, please visit: https://openssf.org/

Premier Member Quotes

AWS

“Open source software plays an increasingly crucial role across the whole landscape of information security. Convening industry leaders to invest in developing policies, practices, tooling, and education around open source security benefits us all. AWS was a founding member of the Core Infrastructure Initiative in 2014, and we will now build on the relationships and investments that continue the mission by joining OpenSSF as a Premier Member. With our partners in this initiative, and as active participants in many open source communities, we will help raise the bar in the security of open source software,” said Mark Ryland, Director of the Office of the CISO at AWS.

Cisco

“OpenSSF will enable the community, across industries, to build tools and practices to secure the software supply chain for open source and beyond. This is crucial to the future of API and application security, which are fast becoming a primary attack vector for all business going forward,” says Vijoy Pandey, VP of Emerging Technologies & Incubation at Cisco. “At Cisco, we believe the application experience is the new brand, which demands better app velocity, trust, security, and availability. This belief drives our deep investment in application security and full-stack observability, which is why joining forces with this prestigious foundation and group as a trusted advisor and partner was a no-brainer for us.”

Dell Technologies 

“The Linux Foundation’s focus on security is fundamental to addressing the increasing risks associated with software,” said John Roese, Dell Technologies’ Global Chief Technology Officer. “The Open Source Security Foundation’s work will help us collectively make sure critical software programs and the end to end software delivery pipeline is secure and trustworthy.”

Ericsson

“As a leader in mobile communication, pioneering and driving 5G globally, security is at the core of the network infrastructure we build and deliver to our customers. In an industry increasingly built around open source and open standardization we are fully committed to address cybersecurity vulnerabilities in a collaborative effort. We are proud to join the Open Source Security Foundation as a founding member and we look forward to continue to work with the community and wider industry for a secure software supply chain, including the open source components,” says Erik Ekudden, Senior Vice President and Chief Technology Officer, Ericsson.

Fidelity

“Open Source Software plays a critical role in Fidelity’s technology strategy. We are proud to be part of the Open Source Security Foundation and to work with others to ensure that Open Source solutions and their supply chains are safe, secure, and reliable, enabling Fidelity to better serve our customers and clients,” said John Andrukonis, SVP, Fidelity Application Architecture.

GitHub

“The world runs on software, and most of that software includes and relies on open source,” said Mike Hanley, Chief Security Officer at GitHub. “As the home to more than 65 million developers around the world, we’re excited to continue partnering across the open source community and with other Open Source Security Foundation members to power a more secure, trustworthy future that will benefit everyone.”

Google

“We are doubling down on our OpenSSF commitment in the wake of rising open source software supply chain attacks and President Biden’s Executive Order,” said Eric Brewer, vice president of infrastructure and fellow at Google. “This decision is part of our White House pledge to spend $100 million to fund open source security foundations and follows a variety of investments we’ve made to support developers and security engineers across the public and private sectors. The OpenSSF is the best place for cross-industry leadership for these very challenging topics, and we look forward to working with the US and other governments to improve security worldwide.” 

IBM 

“IBM is deeply focused on developing and building highly secure hybrid cloud, AI and quantum-safe technologies that are designed to protect our clients’ most sensitive workloads both today and into the future,” said Jamie Thomas, General Manager, Strategy & Development and IBM Enterprise Security Executive. “As a long-time open source leader, IBM looks forward to working with the OSSF, our industry partners, and open source communities towards addressing the ever-increasing challenge of hardware and software open source supply chain security.”

Intel

“As a long-standing member of the open source software community, Intel contributes daily in the upstream projects we collaborate with,” said Greg Lavender, senior vice president, CTO, and general manager of Software and Advanced Technology at Intel Corporation. “Along with the Linux Foundation, we believe the Open Security Foundation (OpenSSF) is a unique opportunity to engage in projects and efforts focused on improving the quality and security for today and our future. Intel remains committed to providing contributions that benefit open source software supply chains and improving the security posture of critical projects on which our ecosystem depends.”

JPMorgan Chase

“JPMorgan Chase is deeply committed to working with the open source community to solve our most pressing security challenges. As a founding member of the Open Source Security Foundation, we have worked together to improve the security of open source and the integrity of all software. We commend the US Government’s recent initiative to raise awareness on this pressing topic and call to action the technology community to solve one of the most complex security challenges of our time.  We welcome the new members to OpenSSF and look forward to continuing the journey of innovation and bringing meaningful change to how we build, secure, and validate software,” said Pat Opet, Chief Information Security Officer, JPMorgan Chase & Co.

Microsoft

“As open source is now core to nearly every company’s technology strategy, securing open source software is an essential part of securing the supply chain for every company, including our own. All of us at Microsoft are excited to participate with others in contributing new investments to the Open Source Security Foundation and we look forward to building more secure software through community-driven efforts to create solutions that will help us all,” said Mark Russinovich, Azure CTO and Technical Fellow, Microsoft.

Morgan Stanley

“Whether we are leveraging open source in our own code, contribute to OSS projects, or consume OSS via technology we procure and utilize, the safety and security of OSS and the creation of a trustworthy supply chain is critical to all businesses. To that end, we are delighted to join the Linux Foundation’s Open Source Security Foundation project to collaborate with our cross-industry partners to improve the security, safety and trust in the OSS ecosystem,” said Neil Allen, Global Head of Cyber Security Engineering, Morgan Stanley.

Oracle

“As a contributing member of the open source software community and an inaugural Linux Foundation member, Oracle has a large number of developers that contribute to third-party open source projects daily,” said Wim Coekaerts, senior vice president of software development, Oracle. “Oracle looks forward to participating in the Open Source Security Foundation and working with other members to continue to strengthen the software supply chain, helping customers work more securely.”   

Red Hat

“Open source is pervasive in software solutions of all kinds, and cybersecurity attack rates are on the rise. Our customers look to Red Hat to provide trust and enhanced security in our open source based portfolio. Open source and community collaboration is the best way to solve big, industry-wide challenges, such as open source supply chain security. And that’s why we’re excited to join together with the Linux Foundation and other industry leaders so we can continue to improve the technologies and practices to build a more secure future from open source software,” said Chris Wright, senior vice president and CTO, Red Hat.

Snyk

“Open source is built by millions of empowered developers, who also need to secure this critical foundation of the digital world,” said Guy Podjarny, Founder & President, Snyk. “The vital work of the Linux Foundation and the OpenSSF ensures we collectively live up to this responsibility. The Snyk community is fully committed to this important, collaborative effort and we look forward to working closely with the other OpenSSF members to better secure OSS so it can continue to safely fuel innovation.”

VMware

“Every company that uses software should be concerned about their software supply chain,” said Kit Colbert, chief technology officer, VMware. “For two-plus years, VMware has engaged in contributions to open source projects in the broader software supply chain security space and invested in initiatives to help customers further strengthen their security policies and processes. As a member of the Open Source Security Foundation, we’re committed to collaborating across the industry to drive increased level of software supply chain security.”

General Member Quotes 

Apiiro

“Software supply chain risks are becoming pervasive, with the potential to slow application delivery and stunt innovation,” commented John Leon, VP of Business Development at Apiiro. “Managing application risk has become increasingly complex and requires visibility across the SDLC – including the supply chain. Apiiro is excited to partner with the open source community and support the Linux Foundation and OpenSSF as they power the collaboration that is vital to securing software.”

AuriStor

“AuriStor’s founders have contributed to the standardization of security protocols and open source development of security first software for more than 35 years. We view the OpenSSF, its working groups and projects, and those that participate in them as crucial to improving the security of every industry, service, and home.  The OpenSSF has the potential to make a significant difference in everyone’s future. We encourage all members of the software development community to contribute,” said AuriStor Founder and CEO Jeffrey Altman.

Devgistics

“We seized the opportunity to join this foundation because OpenSSF offers a real industry-neutral forum to accelerate the hardening and security of the software supply chain. Devgistics (formerly InfoSiftr) provides critical enhancements to the world’s most popular open-source repository. Devgistics has been involved in many free and open-source initiatives for years, including being a Moby (Docker Engine) maintainer, providing support to the Docker/container ecosystem, and serving in the Open Container Initiative. Devgistics continues to contribute cutting-edge solutions for security-conscious clients like the US Air Force,” said Devgistics Founder and President Justin Steele. 

DTCC

“DTCC is committed to developing highly resilient and secure code to safeguard the financial marketplace. DTCC is proud to be part of the OpenSSF community and looks forward to partnering with our fellow members on safe, secure and reliable computing,” said Ajoy Kumar, Head of Tech/Cyber Risk at DTCC.

GitLab

“As organizations modernize software development and shift security left, GitLab believes that open source will play a key role in fostering this modernization and delivering secure software with speed to the market,” said Eric Johnson, CTO at GitLab. “Supporting the Open Source Security Foundation aligns with GitLab’s mission of enabling everyone to contribute, and we look forward to supporting, collaborating, and sharing our expertise in implementing security in GitLab’s DevOps Platform to the OpenSSF community.”

Goldman Sachs

“Continuing to secure the software supply chain, in particular the many critical open source projects foundational to any modern organization’s IT architecture, is a top strategic imperative for Goldman Sachs, our peers, partners, and clients in financial services, the technology ecosystem, and the wider economy,” said Atte Lahtiranta, chief technology officer at Goldman Sachs. “This work cannot be done in individual organizational silos. We instead need to work collaboratively, across both the private and public sector, together with open source maintainers and contributors, to answer the call to action that is the recent cybersecurity executive order. The OpenSSF will provide an essential forum and associated infrastructure to allow us to share leading practices, develop improved tooling, and work together to better protect our digital infrastructure.”

JFrog

“Open-source software is the backbone of hundreds of thousands of today’s applications, making it critical that we do our best to flag new vulnerabilities and insecure components fast—before they compromise businesses or critical infrastructure,” said Asaf Karas, JFrog Security CTO. “We’re happy to expand our membership with the Linux Foundation and support this cross-industry collaboration to identify and fix open source security vulnerabilities, strengthen tools, and promote best practices to ensure developers can easily shift left and bake-in security from the start of application planning and design — all the way to software deployment, distribution, and runtime.”

StackHawk

“Software development is moving faster than ever before. The industry needs tooling and processes to ensure that security can keep up with today’s pace of development. StackHawk is excited about the work that the Open Source Security Foundation is doing to improve security and we are proud to continue as a member,” said Joni Klippert, StackHawk Founder & CEO.

Tencent

“IT development to date, an increasing number of critical businesses and core competencies have been built on open source, and this trend will continue. As an important part of the software supply chain, open source security plays an important role in the entire software supply chain. Tencent Cloud has always been keen to contribute code and technology to open source projects, and also maintains a continuous huge investment in security. It is very gratifying to see that OpenSSF can be established, and we look forward to working closely with industry  partners to improve the security level of open source software and strengthen the software supply chain security,” said KK Dong, Chief Security Officer at Tencent Cloud.

Wind River

“As the dependency on open-source software becomes increasingly pervasive, the Open Source Security Foundation’s community-driven approach to developing and sharing security metrics, tools and best practices becomes an imperative. Our customers are actively interested in the health of the open source from which their solutions are constructed, and assuring secure development across open the supply chain is vital,” said Paul Miller, CTO, Wind River. “We are looking forward to collaborating more closely with the OpenSSF community. By working together, Wind River can provide customers with a level of open source security assurance that would otherwise be unobtainable.”

About the Linux Foundation

Founded in 2000, the Linux Foundation is supported by more than 1,800 members and is the world’s leading home for collaboration on open source software, open standards, open data, and open hardware. Linux Foundation’s projects are critical to the world’s infrastructure, including Linux, Kubernetes, Node.js, Hyperledger, RISC-V, and more.  The Linux Foundation’s methodology focuses on leveraging best practices and addressing the needs of contributors, users, and solution providers to create sustainable models for open collaboration. For more information, please visit us at https://www.linuxfoundation.org/

###

The Linux Foundation has registered trademarks and uses trademarks. For a list of trademarks of The Linux Foundation, please see its trademark usage page: www.linuxfoundation.org/trademark-usage. Linux is a registered trademark of Linus Torvalds.

Media Contacts

Jennifer Cloer

503-867-2304

jennifer@storychangesculture.com

  • News announced via LFN governing board member, Koby Atival, during ONE Summit keynote
  • Fully open-sourced, L3AF enables Kernel Function as a Service by providing complete lifecycle management of eBPF networking application programs
  • The project brings a strong existing ecosystem, with support from Microsoft, Wipro, Tech Mahindra, and more

SAN FRANCISCO, October 11, 2021LF Networking (LFN), which facilitates collaboration and operational excellence across open source networking projects, today announced that Walmart has moved its L3AF project to the Linux Foundation. L3AF provides complete life-cycle management of eBPF networking application programs with the help of an advanced control plane, offering a cloud and vendor-agnostic platform for launching and managing eBPF programs.

Koby Avital, executive vice president, Walmart Global Tech, announced the news during his keynote address, “Open Innovation Driving Retail Transformation” as part of Open Networking and Edge (ONE) Summit + Kubernetes on Edge Day, this morning.

“I’m excited to open source L3AF, a platform that has allowed us to operate various security and network functions in this omni environment,” said Koby Avital, Executive Vice President, Walmart Global Tech. “With L3AF life cycle management, we’ve been able to tap into the power of eBPF while accelerating and streamlining its usage. This has allowed us to replace third party and Cloud provider-specific solutions with a common platform that’s not only much easier to manage but also more cost effective. By sharing this capability with the community, we hope to help accelerate the development of solutions for managing an omni environment for other enterprises or service providers and bring about standards and practices that benefit everyone.”

“L3AF as a network application for large-scale enterprise complements the eBPF Foundation and other accelerated forwarding and data plane projects under LF networking quite well,” said Arpit Joshipura, general manager, Networking, Edge and IoT, the Linux Foundation. “We’re looking forward to building an open source networking community within this critical application space.”

L3AF is an open source project, developed by Walmart, housing cutting-edge solutions in the realm of eBPF (a revolutionary technology that allows us to run sandboxed programs in an operating system kernel) that provides complete life-cycle management of eBPF programs with the help of an advanced control plane that has been written in Golang. The  control plane orchestrates and composes independent eBPF programs across the network infrastructure to solve crucial business problems. L3AF’s eBPF programs include load-balancing, rate limiting, traffic mirroring, flow exporter, packet manipulation, performance tuning, and many more. 

For more information on the L3AF project, read this 3-part introductory blog series or visit the website at​​ l3af.io

Quotes from Supporting Organizations

Microsoft 

“Lifecycle management of eBPF programs is an exciting area of innovation that will enable new scenarios and use cases,” said Krishna Ganugapati, VP of Software Engineering, Microsoft.  “We look forward to collaborating with Walmart and the L3AF project.”

Tech Mahindra

As a founding member of the L3AF project, we are pleased to see the community join Linux Foundation Networking as a neutral venue for open collaboration,” Manish Mangal, Global Business Head – Network Services, Tech Mahindra. “The collective work being done in L3AF to provide eBPF- based networking and observability solutions in an open format is aligned with Tech Mahindra’s mission to unlock the value of 5G and Networks by helping Enterprises and CSPs transform to Cloud Native Software Centric Digital Operators. We are eager to see the work progress even further.” 

Wipro

“Walmart is making a significant technology contribution in open sourcing the L3AF platform, enabling production-tested secure kernel-level networking functionality required by the edge computing ecosystem. Open sourcing L3AF under the Linux Foundation umbrella will provide the support necessary for increased pace of innovation and industry adoption,” said Andrew Aitken, General Manager, Open Source Leader, Office of CTO, Wipro Limited. 

About the Linux Foundation

Founded in 2000, the Linux Foundation is supported by more than 2,000 members and is the world’s leading home for collaboration on open source software, open standards, open data, and open hardware. Linux Foundation’s projects are critical to the world’s infrastructure including Linux, Kubernetes, Node.js, and more. The Linux Foundation’s methodology focuses on leveraging best practices and addressing the needs of contributors, users and solution providers to create sustainable models for open collaboration. For more information, please visit linuxfoundation.org.

Experts and industry leaders will gather for thought-provoking insights and conversations about how to best leverage open source in fintech and finserv to solve industry challenges.

SAN FRANCISCO, October 7, 2021The Linux Foundation, the nonprofit organization enabling mass innovation through open source, along with co-host Fintech Open Source Foundation (FINOS), a nonprofit whose mission is to accelerate adoption of open source software, standards and best practices in financial services, today announced keynote speakers for Open Source Strategy Forum New York (OSSF). The event takes place November 10, preceded by a FINOS Member event on November 9, in New York City. The schedule can be viewed here and the keynote speakers can be viewed here

OSSF features an agenda covering recent developments and the direction of open source in financial services across a wide range of topics and domains. The event promotes deeper collaboration across finance, open source and technology and drives innovation across the industry in order to deliver better code, faster.

Keynote speakers this year include:

  • Antoine Amend, Technical Director – Financial Services, Databricks
  • Jo Ann Barefoot, CEO & Co-Founder, Alliance for Innovative Regulations
  • Nadine Chakar, Head of Global Markets, State Street   
  • Gabriele Columbro, Executive Director, FINOS
  • Jean-Thierry (JT) Dupuy, Vice President, Head of Client Services, Symphony 
  • Brad Levy, CEO, Symphony
  • John Madsen, Co-Head of Technology, Goldman Sachs
  • Sultan Meghji, Chief Innovation Officer, FDIC
  • Igor Seletskiy, CEO & Founder, TuxCare

Conference Session Highlights:

Registration is available for US$449 through October 13. Members of The Linux Foundation receive a 20 percent discount – members can contact events@linuxfoundation.org to request a member discount code. Members of FINOS can attend at no cost – members can contact ossf@finos.org to request the FINOS Member registration code. 

Health and Safety
Attendees will be required to be fully vaccinated against the COVID-19 virus and wear a mask while onsite at the event. Additionally, all attendees will need to comply with all on-site health measures, in accordance with The Linux Foundation Code of Conduct. To learn more, visit the Health & Safety webpage and read our blog post.

Sponsor
For information on becoming an event sponsor, click here or email us for more information and to speak to our team. The sponsorship deadline is October 26.

Press
Members of the press who would like to request a press pass to attend should contact Kristin O’Connell.

About the Linux Foundation
Founded in 2000, the Linux Foundation is supported by more than 2,000 members and is the world’s leading home for collaboration on open source software, open standards, open data, and open hardware. Linux Foundation’s projects are critical to the world’s infrastructure, including Linux, Kubernetes, Node.js, and more. The Linux Foundation’s methodology focuses on leveraging best practices and addressing the needs of contributors, users and solution providers to create sustainable models for open collaboration. For more information, please visit linuxfoundation.org.

The Linux Foundation Events are where the world’s leading technologists meet, collaborate, learn and network in order to advance innovations that support the world’s largest shared technologies.

Visit our website and follow us on Twitter, Linkedin, and Facebook for all the latest event updates and announcements.

The Linux Foundation has registered trademarks and uses trademarks. For a list of trademarks of The Linux Foundation, please see its trademark usage page: www.linuxfoundation.org/trademark-usage. Linux is a registered trademark of Linus Torvalds. 

###

Media Contact
Kristin O’Connell
The Linux Foundation
koconnell@linuxfoundation.org

Rooted in academia, the PaSh project prepares for industrial adoption

SAN FRANCISCO, Calif., September 21, 2021 — The Linux Foundation, the nonprofit organization enabling mass innovation through open source, today announced it will host the PaSh project. PaSh is a system for automatically parallelizing POSIX shell scripts that optimizes programs and speeds up execution times, leading to faster results for data scientists, engineers, biologists, economists, administrators, and programmers.

The project is supported by MIT, Rice University, Stevens Institute of Technology, and the University of Pennsylvania and governed by a Technical Steering Committee that includes Nikos Vasilakis, research scientist at MIT; Michael Greenberg, assistant professor at Stevens Institute of Technology; and Konstantinos Kallas, Ph.D. student at University of Pennsylvania.

“The Linux Foundation offers the technical governance infrastructure and services that PaSh has come to require as it has become more mature,” said Nikos Vasilakis, Technical Steering Committee chair for the PaSh Project. “We created the project to improve upon and accelerate the execution of shell scripts in the face of new web crawling, indexing and natural language processing changes.”

Konstantinos Kallas, Technical Steering Committee member for the PaSh project, adds “PaSh has received significant attention from the academic community and has the potential for an outsized impact in industry today, due to several synergistic trends. This is the right move at the right time.”

The techniques underpinning the project have gathered several awards, including a best paper award at the 16th edition of the EuroSys conference and a graduate research award for Konstantinos by the Association of Computing Machinery.

From succinct data wrangling and everyday processing to system orchestration and administration, shell scripting—the ever-present glue holding commands developed in different languages  together—forms the backbone of today’s computing userspace. PaSh parallelizes shell scripts, achieving significant performance improvements. On modern multiprocessor computers, PaSh can execute tasks like web crawling and indexing, COVID19-related analyses, natural-language processing, and other workloads in a fraction of their original time with minimal-to-zero developer effort.

“Shell scripts have been used pervasively for half a century, and recent trends towards ‘containerization’ have only increased their importance,” said Michael Greenberg, Technical Steering Committee member for the PaSh Project. “The correct and automated parallelization of shell scripts has been an issue for several decades. PaSh promises a speed boost to shell users of all stripes.”

To accelerate shell scripts, PaSh provides a source-to-source parallelizing compiler, a program that takes as input a programmer’s shell script and returns a new program that is significantly faster than the original program. Since PaSh is source-to-source, it allows the optimized shell script to be inspected and executed using the same tools, in the same environment, and with the same data as the original script. A small runtime library and associated annotations on programs commonly used in shell scripts complete the picture, providing the PaSh compiler with high-performance primitives and supporting its key functions.

“The PaSh Project represents innovation in computer science and open source software,” said Mike Dolan, general manager and senior vice president of Projects at the Linux Foundation. “As software development evolves to address machine learning, containerization, artificial intelligence and more, PaSh shows up to support developers and data scientists who need more out of their scripting tools. We’re happy to be able to host this important work at Linux Foundation, a natural home for a project like this.”

To learn more and to get involved in the PaSh project, please visit http://binpa.sh/

About the Linux Foundation

Founded in 2000, the Linux Foundation is supported by more than 1,000 members and is the world’s leading home for collaboration on open source software, open standards, open data, and open hardware. Linux Foundation’s projects are critical to the world’s infrastructure including Linux, Kubernetes, Node.js, and more. The Linux Foundation’s methodology focuses on leveraging best practices and addressing the needs of contributors, users and solution providers to create sustainable models for open collaboration. For more information, please visit us at linuxfoundation.org

###

The Linux Foundation has registered trademarks and uses trademarks. For a list of trademarks of The Linux Foundation, please see our trademark usage page: https://www.linuxfoundation.org/trademark-usage. Linux is a registered trademark of Linus Torvalds.

Media Contact

Jennifer Cloer
Story Changes Culture
503-867-2304
jennifer@storychangesculture.com

This by-invitation event for Linux Foundation member organizations fosters collaboration, innovation, and partnerships among the leading projects and organizations working to drive digital transformation with open technologies.


SAN FRANCISCO, September 21, 2021The Linux Foundation, the nonprofit organization enabling mass innovation through open source, today announced the agenda and speaker lineup for the 2021 Linux Foundation Member Summit (LFMS), taking place November 2-4 at the Silverado Resort in Napa Valley, California. The keynote speakers can be viewed here and the full schedule can be viewed here.

LFMS, (formerly Open Source Leadership Summit), is a by-invitation event for Linux Foundation member organizations, where technical and business leaders convene to drive digital transformation and learn how to collaboratively manage the largest shared technology investment of our time. LFMS is a must-attend event for those looking to advance open source strategy, implementation and investment.

“Open source technology continues to show its strength and value to businesses across many different verticals and sectors, as well as its impact on the bottom line”, says Jim Zemlin, Executive Director, The Linux Foundation. “Our Member Summit is an opportunity for the best and brightest technical, business and community leaders to come together and share their valuable insights and experiences and to collaborate on important open source technology innovation.”

Keynote Speakers Include:

  • Josh Aas, Executive Director, Internet Security Research Group discussing Prossimo
  • Brian Christian, Author, “The Alignment Problem: Machine Learning and Human Values” & “The Most Human Human“; Co-author of “Algorithms to Live By” sharing on the intersection of AI and humanity   
  • Gabriele Columbro, Executive Director, Fintech Open Source Foundation providing project updates
  • Colin Eberhardt, Technology Director, Scott Logic discussing WebAssembly
  • Ali Fenn, President, ITRenew talking about circular data centers
  • Jennifer Fernick, SVP & Global Head of Research, NCC Group and Dr. David A. Wheeler, Director of Open Source Supply Chain Security, The Linux Foundation discussing OpenSSF
  • Luke Hinds, Security Engineering Lead, CTO Office, Red Hat sharing on sigstore
  • Sumer Johal, Executive Director, AgStack Foundation providing project updates
  • Kim Lewandowski, Product, Stealth Startup discussing the SLSA framework
  • Dan Lorenc, Software Engineer, Google sharing on the state of OSS Supply Chain Security
  • Gary O’Neall, CEO, Source Auditor Inc. and Kate Stewart, VP, Dependable Embedded Systems, The Linux Foundation discussing SPDX
  • Calista Redmond, CEO, RISC-V International talking about open hardware
  • Liz Rice, Chief Open Source Officer, Isovalent discussing cloud native security
  • Jon Stine, Executive Director, The Open Voice Network providing project updates
  • Jenny Wanger, Director of Programs, LF Public Health providing project updates
  • Jim Zemlin, Executive Director, The Linux Foundation providing foundation updates

Session Highlights:

  • The Coming Culture Challenges for Open Source Projects – Stephen Walli, Microsoft
  • The Importance of DEIA (Diversity, Equity, Inclusion, Accessibility) in Open Source – Anni Lai, Futurewei; Priyanka Sharma, CNCF; Tina Tsou, Arm; and Arun Gupta, Apple
  • Pandemic Pivots of an OSPO – Nithya Ruff, Comcast
  • The Prometheus Story: How a Side Project Became the Global Market Leader – Richard Hartmann, Grafana Labs
  • Trademarks and Open Source – Daniel Scales, The Linux Foundation
  • We Are Many, but We Are One – Tracy Miranda, Continuous Delivery Foundation; Sharon Jerop Kipruto, Google; Priti Desai, IBM; Christie Wilson, Google; and Kara de la Marck, CloudBees


Attend

Attendance to The Linux Foundation Member Summit is limited to members of The Linux Foundation, as well as to governing board members of LF Projects, media, speakers and sponsors. Invitation codes have been sent to member organization representatives. If you already have an invitation code, please go ahead and register here. If you do not, you may contact us for more information on attendance opportunities.

Sponsor
The Linux Foundation Member Summit is made possible thanks to our sponsors, including Co-Hosts: Google and TARS Foundation, Reception Sponsor: Cloud Native Computing Foundation, Lunch Sponsors: AWS and Oracle, Breakfast and Breaks Sponsors: Dell Technologies, IBM and VMware and Supporter: Indeed.

If you are not an LF member company, but would like to attend The Linux Foundation Member Summit, sponsoring it is an excellent opportunity to gain additional access to the event and its attendees for strategic discussions and collaboration. Learn more here

Press
Members of the press who would like to request a press pass to attend should contact Kristin O’Connell.

Health and Safety
Attendees will be required to be fully vaccinated against the COVID-19 virus and will need to wear a mask while onsite and comply with all on-site health measures, in accordance with The Linux Foundation Code of Conduct. To learn more, visit the Health & Safety webpage and read our blog post.

Travel Funding
The Linux Foundation’s Travel Fund is accepting applications, to enable those to join the event who might otherwise not be able to due to a lack of funding. We place an emphasis on funding applicants who are from historically underrepresented or untapped groups and/or those of lower socioeconomic status. Note that you must have an invitation to the event in order to apply for travel funding. To learn more and apply, click here.

About the Linux Foundation
Founded in 2000, the Linux Foundation is supported by more than 2,000 members and is the world’s leading home for collaboration on open source software, open standards, open data, and open hardware. Linux Foundation’s projects are critical to the world’s infrastructure, including Linux, Kubernetes, Node.js, and more. The Linux Foundation’s methodology focuses on leveraging best practices and addressing the needs of contributors, users and solution providers to create sustainable models for open collaboration. For more information, please visit linuxfoundation.org.

The Linux Foundation Events are where the world’s leading technologists meet, collaborate, learn and network in order to advance innovations that support the world’s largest shared technologies.

Visit our website and follow us on Twitter, Linkedin, and Facebook for all the latest event updates and announcements.

The Linux Foundation has registered trademarks and uses trademarks. For a list of trademarks of The Linux Foundation, please see its trademark usage page: www.linuxfoundation.org/trademark-usage. Linux is a registered trademark of Linus Torvalds. 

###

Media Contact
Kristin O’Connell
The Linux Foundation
koconnell@linuxfoundation.org

Experts and industry leaders from financial services, technology and open source will gather for thought-provoking insights and conversations about how to best leverage open source software to solve industry challenges.

SAN FRANCISCO, September 16, 2021The Linux Foundation, the nonprofit organization enabling mass innovation through open source, along with co-host Fintech Open Source Foundation (FINOS), a nonprofit whose mission is to accelerate adoption of open source software, standards and best practices in financial services, today announced keynote speakers for Open Source Strategy Forum London (OSSF). The event takes place October 5, preceded by a FINOS Member event on October 4, in London, England. The schedule can be viewed here and the keynote speakers can be viewed here

OSSF’s goal is to deepen collaboration across finance, open source and technology and drive innovation across the industry in order to deliver better code, faster. The event will feature 35+ sessions, revealing recent developments and the direction of open source in financial services across a wide range of topics and domains.

“We are entering what can only be referred to as the golden age for Open Source in Financial Services”, said Gabriele Columbro, Executive Director, FINOS. “In the last year not only have we seen an exponential growth in contributions from Financial Institutions – something frankly unprecedented – but we are now witnessing the industry coming together to solve long standing business challenges through open collaboration. I am truly excited to have so many leaders at OSSF sharing their vision for an open financial stack, and to be able to bring our community together for a fantastic and unique event like OSSF.”

Keynote speakers this year include:

  • Gabriele Columbro, Executive Director, FINOS
  • Nick Cook, Head of Global Strategy and Partnerships, Alliance for Innovative Regulation (AIR), and former Head of Innovation, UK Financial Conduct Authority (FCA)
  • Jane Gavronsky, Chief Technology Officer, FINOS, and former Managing Director, Credit Suisse
  • Russell Green, Managing Director, Deutsche Bank AG
  • Liz Rice, Chief Open Source Officer, Isovalent

Conference Session Highlights:

Attending companies include: Adaptive Financial Consulting Limited, Audace Labs, Avanade, Bitergia, Canonical, Citi Group, Cosaic, Demodyfi, Deutsche Bank, Digital Asset, EPAM Systems, Evolveum, Fidelity Investments, GitHub, GitLab, Goldman Sachs, IHS Markit, ING, International Swaps and Derivatives Association, Itaú Unibanco SA, Large Credit Union Coalition, London Stock Exchange, Morgan Stanley, Nomura Holdings, Point72 Asset Management, Red Hat, Scott Logic, Symphony, TD Securities, Wipro, U.S. Bank, and many more.

Registration is available for 460 GBP. Members of The Linux Foundation receive a 20 percent discount – members can contact events@linuxfoundation.org to request a member discount code. Members of FINOS can attend at no cost – members can contact ossf@finos.org to request the FINOS Member registration code. 

Health and Safety
Attendees will be required to be fully vaccinated against the COVID-19 virus and wear a mask while onsite at the event. Additionally, all attendees will need to comply with all on-site health measures, in accordance with The Linux Foundation Code of Conduct. To learn more, visit the Health & Safety webpage and read our blog post.

Press
Members of the press who would like to request a press pass to attend should contact Kristin O’Connell.

About the Linux Foundation
Founded in 2000, the Linux Foundation is supported by more than 2,000 members and is the world’s leading home for collaboration on open source software, open standards, open data, and open hardware. Linux Foundation’s projects are critical to the world’s infrastructure, including Linux, Kubernetes, Node.js, and more. The Linux Foundation’s methodology focuses on leveraging best practices and addressing the needs of contributors, users and solution providers to create sustainable models for open collaboration. For more information, please visit linuxfoundation.org.

The Linux Foundation Events are where the world’s leading technologists meet, collaborate, learn and network in order to advance innovations that support the world’s largest shared technologies.

Visit our website and follow us on Twitter, Linkedin, and Facebook for all the latest event updates and announcements.

The Linux Foundation has registered trademarks and uses trademarks. For a list of trademarks of The Linux Foundation, please see its trademark usage page: www.linuxfoundation.org/trademark-usage. Linux is a registered trademark of Linus Torvalds. 

###

Media Contact
Kristin O’Connell
The Linux Foundation
koconnell@linuxfoundation.org

Backed by many of the world’s largest companies for more than a decade, SPDX formally becomes an internationally recognized ISO/IEC JTC 1 standard during a transformational time for software and supply chain security

SAN FRANCISCO, September 9, 2021 – The Linux Foundation, Joint Development Foundation, and the SPDX community, today announced the Software Package Data Exchange® (SPDX®) specification has been published as ISO/IEC 5962:2021 and recognized as the international open standard for security, license compliance, and other software supply chain artifacts. ISO/IEC JTC 1 is an independent, non-governmental standards body. 

Intel, Microsoft, Siemens, Sony, Synopsys, VMware, and WindRiver are just a small sample of the companies already using SPDX to communicate Software Bill of Materials (SBOM) information in policies or tools to ensure compliant, secure development across global software supply chains. 

“SPDX plays an important role in building more trust and transparency in how software is created, distributed, and consumed throughout supply chains. The transition from a de-facto industry standard to a formal ISO/IEC JTC 1 standard positions SPDX for dramatically increased adoption in the global arena,” said Jim Zemlin, executive director, the Linux Foundation. “SPDX is now perfectly positioned to support international requirements for software security and integrity across the supply chain.” 

Between eighty and ninety percent (80%-90%) of a modern application is assembled from open source software components. An SBOM accounts for the software components contained in an application — open source, proprietary, or third-party — and details their provenance, license, and security attributes. SBOMs are used as a part of a foundational practice to track and trace components across software supply chains. SBOMs also help to proactively identify software issues and risks and establish a starting point for their remediation.

SPDX results from ten years of collaboration from representatives across industries, including the leading Software Composition Analysis (SCA) vendors – making it the most robust, mature, and adopted SBOM standard. 

“As new use cases have emerged in the software supply chain over the last decade, the SPDX community has demonstrated its ability to evolve and extend the standard to meet the latest requirements. This really represents the power of collaboration on work that benefits all industries,” said Kate Stewart, SPDX tech team co-lead. “SPDX will continue to evolve with open community input, and we invite everyone, including those with new use cases, to participate in SPDX’s evolution and securing the software supply chain.”  

For more information on how to participate in and benefit from SPDX, please visit: https://spdx.dev.

To learn more about how companies and open source projects are using SPDX, recordings from the “Building Cybersecurity into the Software Supply Chain” Town Hall that was held on August 18th are available and can be viewed at: https://events.linuxfoundation.org/supply-chain-town-hall/ 

ISO/IEC JTC 1 is an independent, non-governmental international organization based in Geneva, Switzerland. Its membership represents more than 165 national standards bodies with experts who share knowledge and develop voluntary, consensus-based, market-relevant international standards that support innovation and provide solutions to global challenges.

Supporting Comments

Intel

“Software security and trust are critical to our Industry’s success. Intel has been an early participant in the development of the SPDX specification and utilizes SPDX both internally and externally for a number of software use-cases,” said Melissa Evers, Vice President – Software and Advanced Technology Group, General Manager of Strategy to Execution, Intel.

Microsoft

“Microsoft has adopted SPDX as our SBOM format of choice for software we produce,” says Adrian Diglio, Principal Program Manager of Software Supply Chain Security at Microsoft. “SPDX SBOMs make it easy to produce U.S. Presidential Executive Order compliant SBOMs, and the direction that SPDX is taking with the design of their next gen schema will help further improve the security of the software supply chain.”

Siemens

“With ISO/IEC 5962:2021 we have the first official standard for metadata of software packages. It’s natural that SPDX is that standard, as it’s been the de facto standard for a decade. This will make license compliance in the supply chain much easier, especially because several open source tools like FOSSology, ORT, scancode, and sw360 already support SPDX,” said Oliver Fendt, senior manager, open source at Siemens. 

Sony

”The Sony team uses various approaches to managing open source compliance and governance,” says Hisashi Tamai, Senior Vice President, Deputy President of R&D Center, Representative of the Software Strategy Committee, Sony Group Corporation. “An example is the use of an OSS management template sheet that is based on SPDX Lite, a compact subset of the SPDX standard. It is important for teams to be able to quickly review the type, version, and requirements of software, and using a clear standard is a key part of this process.”

Synopsys

“The Black Duck team from Synopsys has been involved with SPDX since its inception, and I personally had the pleasure of coordinating the activities of the project’s leadership for more than a decade. Representatives from scores of companies have contributed to the important work of developing a standard way of describing and communicating the content of a software package,” said Phil Odence, General Manager, Black Duck Audits.

VMware

“SPDX is the essential common thread among tools under the Automating Compliance Tooling (ACT) Umbrella. SPDX enables tools written in different languages and for different software targets to achieve coherence and interoperability around SBOM production and consumption. SPDX is not just for compliance, either; the well-defined and ever-evolving spec is also able to represent security and supply chain implications. This is incredibly important for the growing community of SBOM tools as they aim to thoroughly represent the intricacies of modern software,” said Rose Judge, ACT TAC Chair and open source engineer at VMware.

Wind River

“The SPDX format greatly facilitates the sharing of software component data across the supply chain. Wind River has been providing a Software Bill of Materials (SBOM) to its customers using the SPDX format for the past 8 years. Often customers will request SBOM data in a custom format. Standardizing on SPDX has enabled us to deliver a higher quality SBOM at a lower cost,” said Mark Gisi, Wind River Open Source Program Office Director and OpenChain Specification Chair.

About SPDX

SPDX is an open standard for communicating software bill of material information, including provenance, license, security, and other related information. SPDX reduces redundant work by providing common formats for organizations and communities to share important data, thereby streamlining and improving compliance, security, and dependability. For more information, please visit us at spdx.org.

###

The Linux Foundation has registered trademarks and uses trademarks. For a list of trademarks of The Linux Foundation, please see our trademark usage page:  https://www.linuxfoundation.org/trademark-usage. Linux is a registered trademark of Linus Torvalds.

Media Contact

Jennifer Cloer

for the Linux Foundation

503-867-2304

jennifer@storychangesculture.com

Four additional keynotes speakers will grace the main stage at Open Networking and Edge Summit + Kubernetes on Edge Day to share expertise across Automation and AI, 5G, and the power of Open Ecosystems 

SAN FRANCISCO, August 18, 2021The Linux Foundation, the nonprofit organization enabling mass innovation through open source, along with co-hosts LF Edge, LF Networking, and Cloud Native Computing Foundation (CNCF), ​​today announced four top keynote speakers for Open Networking and Edge (ONE) Summit + Kubernetes on Edge Day, taking place October 11-12 in Los Angeles, Calif. The events will be produced in a hybrid format, with both in-person and virtual participation available, and are co-located with KubeCon + CloudNativeCon North America (October 11-15). 

ONE Summit  is the industry’s premier open networking & edge computing event gathering developers, architects and business leaders across enterprises, government, global services providers and cloud for education, inspiration and collaboration. This year, it is joined by Kubernetes on Edge Day which gathers developers and adopters to share their lessons learned in building, breaking, and bettering their edge infrastructure on top of Kubernetes.

“I am especially eager to learn from our newest confirmed keynote speakers, who represent not only the diversity of our community, but the diversity of expertise across the space,” said Arpit Joshipura, General Manager, Networking, Edge, and IoT, The Linux Foundation. “Join us either in-person or virtually to learn from some of the best and brightest innovators.”

With an extensive program of 80+ talks, ONE Summit + Kubernetes on Edge Day will cover the latest trends across networking & edge across business & technical sessions. Conference tracks include: Enterprise Networking & Edge; Cloud Networking & Edge; Kubernetes on Edge; The New Service Provider (Open Core, Unified Edge & Universal Access); and Business Critical & Innovation.

New Keynote speakers:

  • Dr. Junlan Feng, Chief Scientist & General Manager, China Mobile Research. Dr. Feng also chairs the LF Networking Governing Board. Her presentation will focus on Network Automation and AI
  • Jennifer Kyriakakis, Founder & VP Marketing, MATRIXX Software. Ms. Kyriakakis’ session will focus on Making 5G Real Leveraging Open Source
  • Vanessa Little, Global CTO, Interdynamix (IDX). Ms. Little will speak about Challenges & Innovation in Integration of Open Ecosystem 
  • Amy Zwarico, Director – Cybersecurity, Chief Security Office, AT&T. Ms. Zwarico will participate on a keynote panel, “Security across Cloud, Telecom and Edge – in an open world”

Registration

Registration (in-person) is offered at the standard price of US$1125 through September 20. In-Person Academic and Hobbyist Passes are available for US$575 and Student Passes for US$275. Registration to attend virtually is US$50 for all attendee types. Given the current COVID pandemic, all registration funds are fully refundable up until the day before the event.

Members of The Linux Foundation, LF Networking, LF Edge and CNCF receive a 20 percent discount off registration and can contact events@linuxfoundation.org to request a member discount code. 

Attendees looking to attend ONE Summit + Kubernetes on Edge Day and KubeCon + CloudNativeCon can register for all events through the KubeCon + CloudNativeCon registration form and add their ONE Summit registration at a discounted rate (US$599 for Corporate or US$399 for Individual or Academic).

Health and Safety

In-person attendees will be required to be fully vaccinated against the COVID-19 virus and will need to comply with all on-site health measures, in accordance with The Linux Foundation Code of Conduct. Note, in-person registrations are 100 percent refundable until October 10, 2021. To learn more, visit the Health & Safety webpage and read our blog post

Sponsor

Open Networking & Edge Summit + Kubernetes on Edge Day is made possible thanks to our sponsors, including Diamond Sponsors: Intel and Juniper Networks, Platinum Sponsors: Huawei, IBM and Zededa, and Gold Sponsor: Cloud Native Computing Foundation. For information on becoming an event sponsor, click here or email  for more information and to speak to the team.

Press & Analysts

Members of the press and analyst communities who would like to request a press pass to attend should contact Jill Lovato. 

About the Linux Foundation

Founded in 2000, the Linux Foundation is supported by more than 2,000 members and is the world’s leading home for collaboration on open source software, open standards, open data, and open hardware. Linux Foundation’s projects are critical to the world’s infrastructure including Linux, Kubernetes, Node.js, and more. The Linux Foundation’s methodology focuses on leveraging best practices and addressing the needs of contributors, users and solution providers to create sustainable models for open collaboration. For more information, please visit linuxfoundation.org.

The Linux Foundation Events are where the world’s leading technologists meet, collaborate, learn and network in order to advance innovations that support the world’s largest shared technologies.

Visit our website and follow us on Twitter, Linkedin, and Facebook for all the latest event updates and announcements.

The Linux Foundation has registered trademarks and uses trademarks. For a list of trademarks of The Linux Foundation, please see its trademark usage page: www.linuxfoundation.org/trademark-usage. Linux is a registered trademark of Linus Torvalds. 

###

Media Contact

Jill Lovato

The Linux Foundationjlovato@linuxfoundation.org

OSPOCon, held in North America and Europe this year, is a new event dedicated to creating better, more efficient open source ecosystems, covering the creation and best practices of open source program offices (OSPOs), open source corporate sustainability, and much more.

SAN FRANCISCO, August 18, 2021 —  The Linux Foundation, the nonprofit organization enabling mass innovation through open source, along with co-host the TODO Group, an open group of organizations who collaborate on practices, tools and other ways to run successful and effective open source programs and projects, today announced the conference agenda for OSPOCon Europe 2021. The event takes place October 6 in London, England. The schedule can be viewed here

Open Source Program Offices (OSPOs) face many obstacles, such as ensuring high-quality and frequent releases, engaging with developer communities, and contributing back to other projects effectively. OSPOCon events will empower the collaboration of those working to create a center of competency for open source in their organizations through sharing experiences, best practices and tooling. 

OSPOCon Europe session highlights include:

  • What TODO in the EU: Updates from the TODO Group European Chapter – Leslie Hawthorn, Red Hat & Alexios Zavras, Intel
  • Innersource: The Key to Your OSPO’s Success – John Mark Walker, Fannie Mae
  • Exploring OSPOs and Open Methods in Humanitarian Response – Heather Leson, Solferino Academy, & International Federation of Red Cross Red Crescent Societies & Peter Masters, Humanitarian OpenStreetMap Team (HOT)
  • Good Governance Practices for Healthy Open Source Projects – Dawn Foster, VMware

In addition to OSPOCon Europe, OSPOCon North America is being held September 27-29 in Seattle, Washington alongside Open Source Summit + Embedded Linux Conference 2021. To view the schedule, click here. These events are being produced in a hybrid format, with both in-person and virtual participation available. To learn more, click here

Registration
Registration is offered at the early price of 140 GBP through August 24. Members of The Linux Foundation and the TODO Group receive a 20 percent discount – members can contact events@linuxfoundation.org to request a member discount code.

Health and Safety
In-person attendees will be required to be fully vaccinated against the COVID-19 virus and wear a mask while onsite at the event. Additionally, all attendees will need to comply with all on-site health measures, in accordance with The Linux Foundation Code of Conduct. To learn more, visit the Health & Safety webpage and read our blog post.

Academic Registration Scholarships & Travel Funding
Support for Academic Scholarships and Travel Funding is provided by the Alfred P. Sloan Foundation and is intended to enable participation in OSPOCon by faculty, staff, students, and/or administrators actively engaged with or interested in learning more about Open Source Program Offices in Academic/Research institutions. To learn more and apply, click here.

Diversity & Need-Based Scholarships and Travel Funding
Applications for diversity and need-based scholarships are currently being accepted here. The Linux Foundation’s Travel Fund is also accepting applications, with the goal of enabling open source developers and community members to attend events that they would otherwise be unable to attend due to a lack of funding. We place an emphasis on funding applicants who are from historically underrepresented or untapped groups and/or those of lower socioeconomic status. To learn more and apply, click here

Sponsor
For information on becoming an event sponsor, click here or email us for more information and to speak to our team. The sponsorship deadline is September 9. 

Press
Members of the press who would like to request a press pass to attend should contact Kristin O’Connell.

About the Linux Foundation
Founded in 2000, the Linux Foundation is supported by more than 2,000 members and is the world’s leading home for collaboration on open source software, open standards, open data, and open hardware. Linux Foundation’s projects are critical to the world’s infrastructure including Linux, Kubernetes, Node.js, and more. The Linux Foundation’s methodology focuses on leveraging best practices and addressing the needs of contributors, users and solution providers to create sustainable models for open collaboration. For more information, please visit linuxfoundation.org.

The Linux Foundation Events are where the world’s leading technologists meet, collaborate, learn and network in order to advance innovations that support the world’s largest shared technologies.

Visit our website and follow us on Twitter, LinkedIn, and Facebook for all the latest event updates and announcements.

The Linux Foundation has registered trademarks and uses trademarks. For a list of trademarks of The Linux Foundation, please see its trademark usage page: www.linuxfoundation.org/trademark-usage. Linux is a registered trademark of Linus Torvalds. 

###

Media Contact
Kristin O’Connell
The Linux Foundation
koconnell@linuxfoundation.org

Industry leaders come together to drive the growth of eBPF as a transformational technology to redefine networking, security, tracing and observability

SAN FRANCISCO, August 12, 2021 – The Linux Foundation, the nonprofit organization enabling mass innovation through open source, today announced that it is hosting the eBPF Foundation. Founding members include Facebook, Google, Isovalent, Microsoft and Netflix. This comes in advance of the eBPF Summit, a free and virtual event taking place August 18-19, 2021.

eBPF allows developers to safely and efficiently embed programs in any piece of software, including the operating system kernel. As a result, eBPF is quickly becoming the method of choice for achieving a wide range of infrastructure use cases, delivering significant efficiency and performance gains and dramatically reducing the complexity of the system. For example, Facebook is using eBPF as the primary software-defined load balancer in its data centers, and Google is using Cilium to bring eBPF-based networking and security to the managed Kubernetes offerings GKE and Anthos.

“eBPF is a revolutionary technology that allows us to modify operating system behavior in real time without risky or expensive kernel code changes. It’s had a remarkable impact on our ability to iterate quickly on everything from networking to security to containerization,” said Alexei Starovoitov, Co-creator and Maintainer of eBPF, Kernel Developer at Facebook.

eBPF changes the way operating systems and infrastructure services are designed. It bridges the boundary between kernel and user space. It encourages and accelerates innovation and is a significant leap forward in open source technology for networking, security, application profiling/tracing and system observability use cases. eBPF enables users to even combine and apply logic across multiple subsystems which were traditionally completely independent.

“eBPF has redefined the way we think about the operating system and has led to a massive wave of innovation in networking, security, and observability. Because of its deep relevance in the cloud native world, eBPF adoption has been accelerating at an incredible pace,” said Daniel Borkmann, Co-creator and Maintainer of eBPF, Kernel Developer at Isovalent.

By making the OS kernel programmable, infrastructure software can leverage existing layers, making them more intelligent, scalable and feature-rich without continuing to add additional layers of complexity to the system. eBPF has resulted in the development of a completely new generation of tooling in areas such as networking, security, application profiling/tracing and performance troubleshooting that no longer rely on existing kernel functionality but instead actively reprogram runtime behavior without compromising execution efficiency or safety.

The eBPF Foundation will expand the significant level of contributions being made to extend the powerful capabilities of eBPF and grow beyond Linux. It will be the home for open source eBPF projects and technologies and nurture the community through a variety of activities, including summits and other collaboration events in order to further drive the growth and adoption of the eBPF ecosystem.

“eBPF is one of the greatest examples of the kind of innovation that happens in the Linux community and encompasses technologies that are natural for us to host. It also represents the future of operating systems and microservices delivery,” said Mike Dolan, general manager and senior vice president of projects at the Linux Foundation. “We look forward to supporting the work of the eBPF Foundation and community.”

For more information, please visit: https://www.ebpf.io

Member Quotes

Facebook
“For many years, eBPF has played a critical role in accelerating the kernel development — thanks to the tireless work of many dedicated developers and maintainers,” said Chris Mason, Kernel Maintainer and Engineering Director at Facebook. “We’re excited to support the work of the eBPF community, enabling them to build the tools needed to power the next generation of Linux system development.”

Google
“We are excited to see the Linux Foundation announce their decision to host eBPF,” said Chris DiBona, director of open source at Google. “eBPF is the future of networking for the Linux kernel and Google is pleased to be part of the evolving standard it has created.”

Isovalent
“The programmability of eBPF has enabled a revolution in security, observability, and networking. In particular in the area of containers and the cloud native space more broadly. We are proud to have played a central role in developing and co-maintaining eBPF from its early days to the industry standard it has become. We are looking forward to continuing to work with the community,” said Thomas Graf, Chief Technology Officer, Isovalent. “Even though eBPF has already found its ways into the production stacks of countless enterprises, we are still at the beginning of the innovation curve that eBPF as a technology unlocks.”

Microsoft
“eBPF has resulted in a new generation of tooling that allows developers to easily diagnose problems, innovate quickly, and extend operating system functionality,” said Mark Russinovich, Chief Technology Officer, Microsoft Azure. “Microsoft looks forward to partnering with the community in further expanding the use of eBPF in new scenarios and platforms.  We’re excited to collaborate with the other founding members and hope additional organizations will join.”

Netflix
“eBPF is a new type of software that provides superpower capabilities, birthing an industry of networking, performance, and security technologies,” said Brendan Gregg, senior performance engineer at Netflix. “Netflix has pioneered uses of eBPF for observability, providing insight into countless areas that were previously difficult or prohibitively expensive to instrument. eBPF has helped us lower application latency and find cost savings. Netflix is delighted to join the eBPF Foundation to collaborate and develop more exciting technologies.”

Supporting Quote

Intel
Intel welcomes the creation of the eBPF Foundation. Technologies including eBPF have the potential to revolutionize critical applications and use cases across compute, storage, networking, and next generation infrastructure. We are excited to continue to contribute to eBPF and look forward to working with the new eBPF Foundation to accelerate customer workloads and unlock innovation,” said Jesse Brandeburg, a Principal Software Engineer in the Ethernet Products Group at Intel.

About The Linux Foundation
Founded in 2000, The Linux Foundation is supported by more than 1,000 members and is the world’s leading home for collaboration on open source software, open standards, open data, and open hardware. The Linux Foundation’s projects are critical to the world’s infrastructure including Linux, Kubernetes, Node.js, and more. The Linux Foundation’s methodology focuses on leveraging best practices and addressing the needs of contributors, users and solution providers to create sustainable models for open collaboration. For more information, please visit us at linuxfoundation.org.

###

The Linux Foundation has registered trademarks and uses trademarks. For a list of trademarks of The Linux Foundation, please see our trademark usage page:  https://www.linuxfoundation.org/trademark-usage. Linux is a registered trademark of Linus Torvalds.

Media Contact
Jennifer Cloer
for the Linux Foundation
503-867-2304
jennifer@storychangesculture.com